metasploit-gs

Author	SHA1	Message	Date
Brent Cook	e4f9594646	Land #6331 , ensure generic payloads raise correct exceptions on failure	2015-12-23 15:43:12 -06:00
Brent Cook	493700be3a	remove duplicate key warning from Ruby 2.2.x This gets rid of the warning: modules/exploits/multi/http/uptime_file_upload_2.rb:283: warning: duplicated key at line 284 ignored: "newuser"	2015-12-23 10:39:35 -06:00
Christian Mehlmauer	424e7b6bfe	Land #6384 , more joomla rce references	2015-12-22 22:54:58 +01:00
JT	18398afb56	Update joomla_http_header_rce.rb	2015-12-23 05:48:26 +08:00
JT	cc40c61848	Update joomla_http_header_rce.rb	2015-12-23 05:38:57 +08:00
Christian Mehlmauer	f6eaff5d96	use the new and shiny joomla mixin	2015-12-22 21:36:42 +01:00
JT	314e902098	Add original exploit discoverer and exploit-db ref Adding Gary @ Sec-1 ltd for the original exploit and two exploit-db references. Marc-Alexandre Montpas modified Gary's exploit that uses "User-Agent" header. Marc-Alexandre Montpas used "X-FORWARDED-FOR" header to avoid default logged to access.log	2015-12-22 22:44:59 +08:00
Louis Sato	726578b189	Land #6370 , add joomla reference	2015-12-18 17:05:07 -06:00
Christian Mehlmauer	fb6ede80c9	add joomla reference	2015-12-18 18:27:48 +01:00
wchen-r7	485196af4e	Remove modules/exploits/multi/http/uptime_file_upload.rb Please use exploit/multi/http/uptime_file_upload_1 for exploiting post2file.php on an older version of uptime. If you are exploiting uptime that is patched against exploit/multi/http/uptime_file_upload_1, then you may want to try exploit/multi/http/uptime_file_upload_2.	2015-12-17 23:01:57 -06:00
wchen-r7	06f1949e2c	Land #6355 , Joomla HTTP Header Unauthenticated Remote Code Execution CVE-2015-8562	2015-12-16 17:55:51 -06:00
Christian Mehlmauer	8c43ecbfaf	add random terminator and clarify target	2015-12-17 00:08:52 +01:00
Christian Mehlmauer	08d0ffd709	implement @wvu-r7 's feedback	2015-12-16 22:44:01 +01:00
Christian Mehlmauer	76438dfb2f	implement @wchen-r7 's suggestions	2015-12-16 20:31:43 +01:00
Christian Mehlmauer	b43d580276	try to detect joomla version	2015-12-16 16:16:59 +01:00
Christian Mehlmauer	30f90f35e9	also check for debian version number	2015-12-16 15:19:33 +01:00
Christian Mehlmauer	67eba0d708	update description	2015-12-16 14:46:00 +01:00
Christian Mehlmauer	fa3fb1affc	better ubuntu version check	2015-12-16 14:18:44 +01:00
Christian Mehlmauer	60181feb51	more ubuntu checks	2015-12-16 14:02:26 +01:00
Christian Mehlmauer	934c6282a5	check for nil	2015-12-16 13:52:06 +01:00
Christian Mehlmauer	2661cc5899	check ubuntu specific version	2015-12-16 13:49:07 +01:00
Christian Mehlmauer	675dff3b6f	use Gem::Version for version compare	2015-12-16 13:04:15 +01:00
Christian Mehlmauer	01b943ec93	fix check method	2015-12-16 07:26:25 +01:00
Christian Mehlmauer	595645bcd7	update description	2015-12-16 07:03:01 +01:00
Christian Mehlmauer	d80a7e662f	some formatting	2015-12-16 06:57:06 +01:00
Christian Mehlmauer	c2795d58cb	use target_uri.path	2015-12-16 06:55:23 +01:00
Christian Mehlmauer	2e54cd2ca7	update description	2015-12-16 06:42:41 +01:00
Christian Mehlmauer	d4ade7a1fd	update check method	2015-12-16 00:18:39 +01:00
Christian Mehlmauer	c603430228	fix version check	2015-12-15 18:26:21 +01:00
wchen-r7	b9b280954b	Add a check for joomla	2015-12-15 11:03:36 -06:00
Christian Mehlmauer	e4309790f5	renamed module because X-FORWARDED-FOR header is also working	2015-12-15 17:37:45 +01:00
Christian Mehlmauer	84d5067abe	add joomla RCE module	2015-12-15 17:20:49 +01:00
wchen-r7	11c1eb6c78	Raise Msf::NoCompatiblePayloadError if generate_payload_exe fails Most exploits don't check nil for generate_payload_exe, they just assume they will always have a payload. If the method returns nil, it ends up making debugging more difficult. Instead of checking nil one by one, we just raise.	2015-12-08 21:13:23 -06:00
wchen-r7	53acfd7ce3	Land #6303 , Add phpFileManager 0.9.8 Remote Code Execution	2015-12-07 21:13:48 -06:00
wchen-r7	ea3c7cb35b	Minor edits	2015-12-07 21:13:14 -06:00
jvazquez-r7	340fe5640f	Land #6255 , @wchen-r7's module for Atlassian HipChat JIRA plugin	2015-12-03 20:01:06 -06:00
jvazquez-r7	a972b33825	Fix typo	2015-12-03 20:00:37 -06:00
wchen-r7	f8c11b9cd1	Move to multi	2015-12-03 17:49:21 -06:00
JT	3bbc413935	Update phpfilemanager_rce.rb	2015-12-04 06:20:43 +08:00
JT	28ca899914	Update phpfilemanager_rce.rb	2015-12-03 18:07:25 +08:00
JT	d63bb4768f	Update phpfilemanager_rce.rb	2015-12-03 14:09:02 +08:00
JT	374b630601	Update phpfilemanager_rce.rb	2015-12-03 13:57:19 +08:00
JT	56b810cb18	Update phpfilemanager_rce.rb	2015-12-03 12:44:41 +08:00
JT	5414f33804	Update phpfilemanager_rce.rb	2015-12-03 12:43:47 +08:00
JT	ab77ab509a	Update phpfilemanager_rce.rb	2015-12-03 12:35:49 +08:00
JT	869caf789f	Update phpfilemanager_rce.rb	2015-12-03 12:34:17 +08:00
JT	a2d51d48cd	Add phpFileManager 0.9.8 Remote Code Execution	2015-12-03 12:11:31 +08:00
HD Moore	16d0d53150	Update Shellshock modules, add Advantech coverage	2015-12-01 10:40:46 -06:00
Louis Sato	9a0f0a7843	Land #6142 , uptime refactor	2015-11-12 16:58:55 -06:00
wchen-r7	ee25cb88b5	Land #6196 , vBulletin 5.1.2 Unserialize Code Execution	2015-11-12 14:38:39 -06:00

1 2 3 4 5 ...

1249 Commits